-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add options to host rules to enable mTLS calls to host #24155
feat: add options to host rules to enable mTLS calls to host #24155
Conversation
5ac05d9
to
930bfd3
Compare
930bfd3
to
612b0dc
Compare
IMHO, together with the new option, it would be crucial to highlight that a private key must not be specified directly there. The consequence would be a complete loss of confidentiality and RSA / EC keys floating around in renovate configs. |
Co-authored-by: HonkingGoose <34918129+HonkingGoose@users.noreply.github.com>
…ggested format for privateKey
Co-authored-by: Rhys Arkins <rhys@arkins.net>
81a1219
to
aa06f5a
Compare
Co-authored-by: HonkingGoose <34918129+HonkingGoose@users.noreply.github.com>
Co-authored-by: HonkingGoose <34918129+HonkingGoose@users.noreply.github.com>
are we still waiting for anything else that needs to be resolved in this PR? |
🎉 This PR is included in version 36.87.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Changes
Make the
certificateAuthority
,privateKey
andcertificate
options available inhostRules
option and pass them intogot
options so that Renovate will be able to communicate to target server that use mTLS as a way of authentication.Context
We need to be able to call an internal data source that require mTLS as authentication method. Hence the change. Ideally the keys, certs and CA certificate will be loaded in our self-hosting Renovate and feed through secrets option.
The loaded credentials will be passed to got's https options
Documentation (please check one with an [x])
How I've tested my work (please select one)
I have verified these changes via: